Hello, Can someone tell me, How i can enable PermitRootLogin in /etc/ssh/sshd_config in AIX currently the server cannot be 'su - root' to as well. Sshd can be configured using command-line options or a configuration file (by default sshd_config(5)); command-line options override values specified in the configuration file. Sshd rereads its configuration file when it receives a hangup signal, SIGHUP, by executing itself with the name and options it was started with, e.g., /usr/sbin/sshd. How to setup ssh's umask for all type of connections. Ask Question 34. Then check if UsePam is set to Yes in the /etc/ssh/sshd_config file.
Active3 years, 11 months ago
Sshd_config File Location In Aix
I have an
sshd_config file that is configured not to allow users in the group nologin to ssh in to this server (DenyGroups nologin ). While I have several users in this group, I do want to override this for one of the users (let's call the user greg ).
I tried adding
AllowUsers greg to the sshd_config file, but that didn't seem to work. Is it possible to do this?
The sshd_config looks like:
Adding 'AllowUsers greg' (greg is a member of the login group) does not allow greg to ssh.
GregH
GregHGregH
Sshd Config Example3 Answers
Manual page for
sshd_config(5) describes the behaviour of these options like this:
If specified, login is allowed/disallowed only for users/groups whose primary group or supplementary group list or name matches one of the patterns. Only group names are valid; a numerical group ID is not recognized. By default, login is allowed for all groups. The allow/deny directives are processed in the following order: DenyUsers, AllowUsers, DenyGroups, and finally AllowGroups.
This hints that if you define only these two options, it should work for you. You probably use some other options which interfere with your setup. Can you post the whole config you are using?
JakujeJakuje
7,10422 gold badges2727 silver badges3636 bronze badges
Seems straight forward to me, just remove IainIain
greg from the nologin group.
107k1717 gold badges171171 silver badges261261 bronze badges
Sshd Config File In Linux![]()
You can't do that this way, since all directives are evaluated before
sshd makes a final decision. Thus, although greg is allowed by AllowUsers , it's denied later on by the DenyGroups matching the group he is in. The manual is somewhat unspecific here, because it does not mention that all directives are evaluated in the order described by Jakuje, so I tried this in OpenSSH 5.2p1 on a spare system. Indeed, the evaluation order should be the other way around (first allow/deny groups, next allow/deny users). That would make much more sense, at least to me.
LBCLBC
Linux Sshd ConfigNot the answer you're looking for? Browse other questions tagged linuxssh or ask your own question.Comments are closed.
|
AuthorWrite something about yourself. No need to be fancy, just an overview. Archives
November 2020
Categories |